Provided by: ecryptfs-utils_111-0ubuntu1_amd64 bug


       mount.ecryptfs_private - eCryptfs private mount helper.


       mount.ecryptfs_private [ALIAS]

       NOTE:  This  program  will not dynamically load the relevant keys.  For this reason, it is
       recommended that users use ecryptfs-mount-private(1) instead!


       mount.ecryptfs_private is a mount helper utility for non-root users  to  cryptographically
       mount a private directory, ~/Private by default.

       This  program optionally takes one argument, ALIAS.  If ALIAS is omitted, the program will
       default to using "Private" using:
        - $HOME/.Private as the SOURCE
        - $HOME/Private as the DESTINATION
        - $HOME/.ecryptfs/Private.sig for the key signatures.

       If ALIAS is specified, then the program will look for an fstab(5) style configuration in:
        - $HOME/.ecryptfs/ALIAS.conf and for key signature(s) in:
        - $HOME/.ecryptfs/ALIAS.sig

       The mounting will proceed if, and only if:
         - the required passphrase is in their kernel keyring, and
         - the current user owns both the SOURCE and DESTINATION mount points
         - the DESTINATION is not already mounted

       This program will:
         - mount SOURCE onto DESTINATION
         - as an ecryptfs filesystem
         - using the AES cipher
         - with a key length of 16 bytes
         - using the passphrase whose signature is in ~/.ecryptfs/Private.sig

       The only setuid operation in this program is the call to mount(8) or umount(8).

       The  ecryptfs-setup-private(1)  utility  will  create   the   ~/.Private   and   ~/Private
       directories,   generate   a   mount   passphrase,  wrap  the  passphrase,  and  write  the

       The system administrator can add the module to the PAM  stack  which  will
       automatically  use the login passphrase to unwrap the mount passphrase, add the passphrase
       to the user's kernel keyring, and automatically perform the mount. See pam_ecryptfs(8).


       ~/.Private - underlying directory containing encrypted data

       ~/Private - mountpoint containing decrypted data (when mounted)

       ~/.ecryptfs/Private.sig - file containing signature of mountpoint passphrase

       ~/.ecryptfs/wrapped-passphrase - mount passphrase, encrypted with the login passphrase


       ecryptfs(7),    ecryptfs-rewrap-passphrase(1),    ecryptfs-setup-private(1),    keyctl(1),
       mount(8), umount.ecryptfs_private(1), pam_ecryptfs(8), fstab(5)



       This  manpage  and  the  mount.ecryptfs_private  utility  was  written  by Dustin Kirkland
       <> for Ubuntu systems (but may  be  used  by  others).   Permission  is
       granted to copy, distribute and/or modify this document under the terms of the GNU General
       Public License, Version 2 or any later version published by the Free Software Foundation.

       On Debian and Ubuntu systems, the complete text of the GNU General Public License  can  be
       found in /usr/share/common-licenses/GPL.